- The MAILING DATE of this communication appears on the cover sheet with the correspondence address -
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b).

Status 

1)^ Responsive to communication(s) filed on 10 January 2005.
2a)^ This action is FINAL. 2b)D This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is
closed in accordance with the practice under Ex parte Quayle, 1935 C.D. 11, 453 O.G. 213.

Disposition of Claims 

4) S Claim(s) 1-16 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) S Claim(s) 1-4, 8-9, 15 and 16 is/are rejected.

7) D Claim(s) 5-7 and 10-14 is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a).
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d).

11) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152.

Priority under 35 U.S.C. § 119 

12) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

1 Certified copies of the priority documents have been received. 

2. Q Certified copies of the priority documents have been received in Application No.

3. D Copies of the certified copies of the priority documents have been received in this National Stage
application from the International Bureau (PCT Rule 17.2(a)).
* See the attached detailed Office action for a list of the certified copies not received. 
DETAILED ACTION

Response to Amendment 
This office action is in response to the amendment filed on 01/10/05. The amendment filed
on 01/10/05 has been entered and made of record. Therefore, presently pending claims are 1-16.

Response to Arguments 

Applicant's arguments filed 01/10/05 have been fully considered. 

In response to applicant's argument that there is no suggestion to combine the references, 
the examiner recognizes that obviousness can only be established by combining or modifying the 
teachings of the prior art to produce the claimed invention where there is some teaching, 
suggestion, or motivation to do so found either in the references themselves or in the knowledge 
generally available to one of ordinary skill in the art. See In re Fine, 837 F.2d 1071, 5 
USPQ2d 1596 (Fed. Cir. 1988) and In re Jones, 958 F.2d 347, 21 USPQ2d 1941 (Fed. Cir. 
1992). In this case, combining Moskowitz and Moore would increase security by sharing the 
secret. Encrypting the block list as in Brundrett in the system of Moore would also increase 
security using encryption to mask the list of files that have been encrypted. 

Applicant argued that Moskowitz is not shown to suggest generating an encryption key at 
the metadata server and at the storage server and storing the key in the security object. This is 
not found persuasive. Moskowitz discloses, as disclosed by the applicant, breaking the keys into
partial keys, which is the process of generating the encryption keys. Each of the partial keys is used
to perform the final encryption; therefore each partial key is an encryption key.

The applicant argued further that Brundrett is not shown to suggest the limitations of and
related to storing the key in the security object, encrypting a list that identifies a set of blocks in
the opened file, and adding the encrypted list to the security object. Brundrett discloses the key
being extracted from the meta data; it can therefore be inferred that the key was stored (inserted)
in the meta data (column 6 lines 15-20). In reference to encrypting a list that identifies a set of
blocks in the opened file, blocks are a segment of text that can be selected and acted upon as a
whole in an application. Since a file is a block of text that can be selected and acted upon as a
whole in an application, then the directory is the list that identifies a set of blocks (column 5 lines
10-15). Further, in reference to adding the encrypted list to the security object, the Brundrett
reference refers to encrypting the file and the directory; therefore the encrypted list is added to
the security object.

The applicant adds further that there is no teaching suggesting the transmitting of the 
claimed security object to a distributed file system interface. This is not persuasive. The 
examiner would like to bring the applicant's attention to Fig. 7 of Moore wherein the client
performs a write function to an object that is maintained in the server. The only way in which the
data, written in the client, can be maintained at the server is when it is transmitted to the server.

In reference to claim 2, the applicant argues further that there is no apparent 
correspondence of transmitting a file access request and the claimed security object from the 
distributed file system interface to the storage server. The examiner would like to direct 
attention to Fig. 7 of Moore. 

In reference to claim 15, the applicant argues that Brundrett suggests decrypting file data,
not decrypting a block list. This is not persuasive because of the definition of block, taken
above, and therefore a block list is a directory and Brundrett does disclose the decryption of the
directory (column 18 lines 30-32).

Application/Control Number: 09/838,759
Art Unit: 2135

In reference to claims 5-7 and 10-12, the applicant argues that there is no apparent 
transmission of any security object minus a block list as claimed. This is found persuasive and the
rejection is therefore withdrawn. 

The examiner asserts that Moore, Brundrett, and Moskowitz do teach or suggest the 
subject matter broadly recited in independent Claims 1 and 13-14. Dependent Claims 2-4 and 8-9 
are also rejected at least by virtue of their dependency on independent claims and by other reasons
set forth in this office action. Accordingly, rejections for claims 1-4, 8-9, and 15-16 are 
respectfully maintained. 

Claim Rejections - 35 USC § 103 
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

Claims 1-4, 8-9, and 15-16 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Moore (6,678,700) in view of Moskowitz (20020071556 A1) and Brundrett et al.
(6,249,866). 

In reference to claims 1 and 13-14, Moore et al (6,678,700) discloses a method of 
receiving at the meta-data server an open-file request that is created by the application
(distributed file interface coupled to the client; column 6 lines 36-45), the open-file request
specifying a name of a first file, wherein the first file includes a first set of blocks (column 6
lines 13-45 in combination with column 18 lines 23-28). The request for the resource would
include the name of the file (Fig. 7 part 40). During the creation of the meta data, creation of
normal objects is used to put data objects into a container at the SRB server (meta data server) 
(column 18 lines 37-46), thus creating an object in response to the open-file request. Moore 
discloses writing the data to the copy then updating the container. This is the function of 
transmitting the object to the file interface because the client and the server have the same copy 
of the information on the file interface. 

However, Moore does not disclose generating an encryption key at the meta-data server
and the storage server. 

Moskowitz et al teaches the generation of partial keys at different entities (page 3 
paragraph 0023). The first key creator creates the first part of the key as does the meta-data 
server and the second key creator creates the second part of the key as does the storage server 
(page 2 paragraph 0015). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to use partial keys created at different servers as in the system of Moskowitz and 
adding the keys to the data portion of the object in the system of Moore, thus creating a security 
object. One of ordinary skill in the art would have been motivated to do this because sharing the 
secret between more devices increases the amount of security since both values are required for
decrypting the message. 

Moore and Moskowitz do not disclose adding the encrypted block list to the security object.

Brundrett keeps keys in the meta-data (column 4 line 64 to column 5 line 4). The file is 
encrypted; therefore encrypting a list that identifies the first set of blocks, whereby an encrypted 
block list is formed (column 15 lines 36-39). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to encrypt the file as in Brundrett and adding the encrypted information to the data 
portion of the object in the system of Moore. One of ordinary skill in the art would have been 
motivated to do this because encryption secures the information. 

In reference to claim 2, Moore discloses transmitting a file access request and security 
object from the distributed file system interface to the storage server in response to a file access 
request from a client application (column 6 lines 36-48), the file access request including an 
operation code and a reference to selected data of a file (column 19 lines 33-39).

Moore and Moskowitz do not disclose decrypting the block list at the storage server in 
response to the file access request; providing access to the selected data in accordance with the 
operation code upon successful decryption of the block list. 

Brundrett discloses decrypting the text for the NTFS in response to a request from an
application and thereby providing access to the selected data upon successful decryption (column 
17 lines 6-34). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to decrypt the file as in Brundrett in the system of Moore. One of ordinary skill in 
the art would have been motivated to do this because decryption makes the encrypted data
available to the user. 

In reference to claims 3, 8, and 16, Brundrett further discloses encrypting file data at the
distributed file interface for file write operations using the encryption key in the security object; 
and decrypting file data at the distributed file interface for file read operations using the 
encryption key in the security object (Fig. 17 and Fig. 20). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to encrypt the file as in Brundrett and adding the encrypted information to the data 
portion of the object in the system of Moore. One of ordinary skill in the art would have been 
motivated to do this because encryption secures the information. 

In reference to claim 9, Moore does not disclose a system generating a partial encryption 
key at the meta-data server and storing the partial encryption key in the security object; 
transmitting the security object to the storage server; and completing generation of the 
encryption key at the storage server using the partial encryption key and storing a complete 
encryption key in the security object; and returning the security object with the complete 
encryption key to the meta-data server. 

Moskowitz discloses a system wherein the key is created at two different devices (page 2 
paragraph 0015 and page 3 paragraph 0023). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to create partial keys as in the system of Moskowitz in the system of Moore. One 
of ordinary skill in the art would have been motivated to do this because security is increased 
when more than one person possesses the key to sensitive information.

In reference to claim 15, Moore discloses transmitting a file access request and security
object from the distributed file system interface to the storage server in response to a file access 
request from a client application (column 6 lines 36-48), the file access request including an 
operation code and a reference to selected data of a file (column 19 lines 33-39). Moore 
discloses locating the copy of the selected resource (Fig. 16 B part 131), which provides the 
same result as sending the server the object; the server possesses the same copy as the client.

Moore and Moskowitz do not disclose decrypting the block list at the storage server in 
response to the file access request; providing access to the selected data in accordance with the 
operation code upon successful decryption of the block list. 

Brundrett discloses decrypting the text for the NTFS in response to a request from an
application and thereby providing access to the selected data upon successful decryption (column 
17 lines 6-34). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to decrypt the file as in Brundrett in the system of Moore. One of ordinary skill in 
the art would have been motivated to do this because decryption makes the encrypted data 
available to the user. 

Allowable Subject Matter 
Claims 5-7 and 10-14 are objected to as being dependent upon a rejected base claim, but 
would be allowable if rewritten in independent form including all of the limitations of the base 
claim and any intervening claims. 

Conclusion



Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Paula W. Klimach whose telephone number is (571) 272-3854. 
The examiner can normally be reached on Mon to Thr 9:30 a.m. to 5:30 p.m.

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Vu, can be reached on (571) 272-3859. The fax phone number for the
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 

PWK 

Friday, April 29, 2005




